Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2018.0152
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2018-0152)
Zusammenfassung:	The remote host is missing an update for the 'TiMidity++' package(s) announced via the MGASA-2018-0152 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'TiMidity++' package(s) announced via the MGASA-2018-0152 advisory. Vulnerability Insight: The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mid file. NOTE: a crash might be relevant when using the --background option (CVE-2017-11546). The resample_gauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a setuid-root installation (CVE-2017-11547). Affected Software/OS: 'TiMidity++' package(s) on Mageia 5, Mageia 6. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-11546 http://seclists.org/fulldisclosure/2017/Jul/83 Common Vulnerability Exposure (CVE) ID: CVE-2017-11547
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.